Sans Institute Identifies New Threats: Free Applicure Downlo

Sans Institute Identifies New Threats: Free Applicure Download Suggested

Published 29th November 2007

+ Critical new threats unveiled by annual SANS Institute report
+ Free Applicure download detects threats in realtime

London, UK, November 27 2007 – IT security experts the SANS Institute today named Applicure’s free dotDefender Monitor as a tool to detect the latest emerging threat of vulnerabilities in custom built applications.

Applicure is an expert in application security products for websites and web-based applications, and offers dotDefender Monitor as a free download from www.applicure.com/?page=Sans. It is the only product on the market that can provide IT professionals with real time alerts on application attacks, sources of attack, and which application vulnerabilities they target. The dotDefender Monitor detects attacks using a database of hundreds of advanced security rules, while an intuitive log viewer allows users to quickly receive information about who is attacking their application.

“SANS is saying that web application insecurity is a key new risk and that there is an urgent need for ongoing monitoring of the attacks themselves. Although other products can check individual applications, dotDefender Monitor is the only one that offers ongoing assessment of attacks - Applicure is dealing with security in the real world”, said Yaacov Sherban, CEO Applicure.

“Firewalls have improved significantly, so it is now difficult to perform attacks on a network level, therefore hackers are now aiming at the application level”, continued Sherban, “unfortunately, application developers are writing pretty awful code. This is a major issue, and most applications are vulnerable at some level.”

In the annual security industry bellwether report, SANS 2007 Top 20 Internet Security Risks, SANS today agreed that a critical new attack vector for corporate hackers is via insecure coding in custom-built applications.

“For most large and sensitive organizations the newest risks are the ones causing the most trouble,” said Alan Paller, Director of Research at SANS. “Until colleges that teach programmers and companies that employ programmers ensure that developers learn secure coding, and until those employers ensure that they work in an effective secure development life cycle, we will continue to see major vulnerabilities in nearly half of all web applications”, continued Paller.

Applicure Technologies’ dotDefender Monitor is based on the technology of dotDefender™, Applicure’s plug & play web application firewall. It is available free from www.applicure.com/?page=Sans.

Web application security protection
Applicure monitors and also protects organisations against web application threats. Applicure’s dotDefender v3.2 is a security software for web applications which provides advanced protection against external and internal hacking.

dotDefender provides high strength protection against SQL Injection, Cross-site scripting, Path Traversal, and many other application attacks.

It is deployed as a web server security plug-in that inspects incoming requests as they are processed by the server. This allows dotDefender to deliver excellent performance and support all types of encryption.

A rules based security engine, dotDefender monitors, blocks and manages attacks against websites and online web applications. An automatic live update ensures continuous protection against emerging threats and 0-day attacks.

The plug-in is multiplatform and can be used on Apache, Microsoft ISA and IIS and is geared at the enterprise and SME markets.

New contracts
Applicure has recently signed contracts to provide its dotDefender technology to the following hosting companies:

Bridgeline, US http://bridgelinesw.com/
Arkenis, France http://www.arkenis.com/
Bezeq International, Israel, http://www.bezeqint.net/index_eng.html